#include <gnutls_int.h>
#include <gnutls_errors.h>
#include <gnutls_auth_int.h>
#include <gnutls_num.h>
#include <gnutls_datum.h>
#include <gnutls_record.h>
#include <gnutls_handshake.h>
#include <gnutls_dh.h>
#include <gnutls_buffers.h>
#include <gnutls_state.h>
#include <auth_cert.h>
#include <gnutls_algorithms.h>
#include <gnutls_rsa_export.h>
#define MAX_PRF_BYTES 200 |
#define MAX_SEED_SIZE 200 |
Definition at line 577 of file gnutls_state.c.
Referenced by MHD__gnutls_P_hash(), and MHD_gtls_PRF().
#define MIN_DH_BITS 727 |
static void deinit_internal_params | ( | MHD_gtls_session_t | session | ) | [inline, static] |
Definition at line 151 of file gnutls_state.c.
References MHD_gtls_internal_params_st::dh_params, MHD_gtls_internal_params_st::free_dh_params, MHD_gtls_internal_params_st::free_rsa_params, MHD_gtls_session_int::internals, MHD__gnutls_dh_params_deinit(), MHD__gnutls_rsa_params_deinit(), MHD_gtls_internals_st::params, and MHD_gtls_internal_params_st::rsa_params.
Referenced by MHD_gtls_handshake_internal_state_clear().
static int MHD__gnutls_cal_PRF_A | ( | enum MHD_GNUTLS_HashAlgorithm | algorithm, | |
const void * | secret, | |||
int | secret_size, | |||
const void * | seed, | |||
int | seed_size, | |||
void * | result | |||
) | [inline, static] |
Definition at line 557 of file gnutls_state.c.
References GNUTLS_E_INTERNAL_ERROR, GNUTLS_MAC_FAILED, MHD_gnutls_assert, MHD_gnutls_hash(), MHD_gnutls_MHD_hmac_deinit(), and MHD_gtls_MHD_hmac_init().
Referenced by MHD__gnutls_P_hash().
void MHD__gnutls_certificate_send_x509_rdn_sequence | ( | MHD_gtls_session_t | session, | |
int | status | |||
) |
MHD__gnutls_certificate_send_x509_rdn_sequence - This function will order gnutls to send or not to send the X.509 rdnSequence. session: is a pointer to a MHD_gtls_session_t structure. status: is 0 or 1.
If status is non-zero, this function will order gnutls not to send the rdnSequence in the certificate request message. That is, the server will not advertise its trusted CAs to the peer. If status is zero then the default behaviour will take effect, which is to advertise the server's trusted CAs.
This function has no effect in clients, and in authentication methods other than certificate with X.509 certificates.
Definition at line 530 of file gnutls_state.c.
References MHD_gtls_internals_st::ignore_rdn_sequence, and MHD_gtls_session_int::internals.
void MHD__gnutls_deinit | ( | MHD_gtls_session_t | session | ) |
MHD__gnutls_deinit - This function clears all buffers associated with a session. session: is a MHD_gtls_session_t structure.
This function clears all buffers associated with the session. This function will also remove session data from the session database if the session was terminated abnormally.
Definition at line 304 of file gnutls_state.c.
References MHD_gtls_key::A, MHD_gtls_key::a, MHD_gtls_internals_st::application_data_buffer, MHD_gtls_key::b, MHD_gtls_key::B, MHD_gtls_session_int::cipher_specs, MHD_gtls_key::client_g, MHD_gtls_key::client_p, MHD_gtls_cipher_specs_st::client_write_IV, MHD_gtls_cipher_specs_st::client_write_key, MHD_gtls_cipher_specs_st::client_write_mac_secret, MHD_gtls_key::client_Y, MHD_gtls_session_int::connection_state, MHD_gtls_key::dh_secret, MHD_gtls_internals_st::handshake_data_buffer, MHD_gtls_internals_st::handshake_hash_buffer, MHD_gtls_internals_st::ia_data_buffer, MHD_gtls_session_int::internals, MHD_gtls_key::KEY, MHD_gtls_session_int::key, MHD__gnutls_credentials_clear(), MHD__gnutls_free_datum, MHD__gnutls_handshake_io_buffer_clear, MHD_gnutls_cipher_deinit(), MHD_gnutls_free, MHD_gtls_buffer_clear, MHD_gtls_free_auth_info(), MHD_gtls_handshake_internal_state_clear(), MHD_gtls_mpi_release(), MHD_gtls_selected_certs_deinit(), MHD_gtls_conn_stat_st::read_cipher_state, MHD_gtls_conn_stat_st::read_mac_secret, MHD_gtls_internals_st::record_recv_buffer, MHD_gtls_internals_st::record_send_buffer, MHD_gtls_key::rsa, MHD_gtls_cipher_specs_st::server_write_IV, MHD_gtls_cipher_specs_st::server_write_key, MHD_gtls_cipher_specs_st::server_write_mac_secret, MHD_gtls_key::u, MHD_gtls_conn_stat_st::write_cipher_state, MHD_gtls_conn_stat_st::write_mac_secret, and MHD_gtls_key::x.
Referenced by MHD_cleanup_connections().
int MHD__gnutls_init | ( | MHD_gtls_session_t * | session, | |
MHD_gnutls_connection_end_t | con_end | |||
) |
MHD__gnutls_init - This function initializes the session to null (null encryption etc...). con_end: indicates if this session is to be used for server or client. session: is a pointer to a MHD_gtls_session_t structure.
This function initializes the current session to null. Every session must be initialized before use, so internal structures can be allocated. This function allocates structures which can only be free'd by calling MHD__gnutls_deinit(). Returns zero on success.
con_end can be one of GNUTLS_CLIENT and GNUTLS_SERVER.
Returns: GNUTLS_E_SUCCESS on success, or an error code.
Definition at line 213 of file gnutls_state.c.
References DEFAULT_CERT_TYPE, DEFAULT_EXPIRE_TIME, DEFAULT_LOWAT, DEFAULT_MAX_RECORD_SIZE, GNUTLS_E_MEMORY_ERROR, INITIAL_RECV_BUFFER_SIZE, MAX_HANDSHAKE_PACKET_SIZE, MHD__gnutls_dh_set_prime_bits(), MHD__gnutls_handshake_set_max_packet_length(), MHD__gnutls_transport_set_lowat(), MHD_gnutls_calloc, MHD_GNUTLS_CIPHER_NULL, MHD_gnutls_free, MHD_GNUTLS_MAC_NULL, MHD_gnutls_malloc, MHD_gtls_buffer_init, MHD_gtls_handshake_internal_state_clear(), and MIN_DH_BITS.
Referenced by MHD_accept_connection().
static int MHD__gnutls_P_hash | ( | enum MHD_GNUTLS_HashAlgorithm | algorithm, | |
const opaque * | secret, | |||
int | secret_size, | |||
const opaque * | seed, | |||
int | seed_size, | |||
int | total_bytes, | |||
opaque * | ret | |||
) | [static] |
Definition at line 583 of file gnutls_state.c.
References GNUTLS_E_INTERNAL_ERROR, GNUTLS_MAC_FAILED, MAX_SEED_SIZE, MHD__gnutls_cal_PRF_A(), MHD_gnutls_assert, MHD_gnutls_hash(), MHD_gnutls_hash_get_algo_len(), MHD_gnutls_MHD_hmac_deinit(), and MHD_gtls_MHD_hmac_init().
Referenced by MHD_gtls_PRF().
int MHD__gnutls_record_get_direction | ( | MHD_gtls_session_t | session | ) |
MHD__gnutls_record_get_direction - This function will return the direction of the last interrupted function call. session: is a MHD_gtls_session_t structure.
This function provides information about the internals of the record protocol and is only useful if a prior gnutls function call (e.g. MHD__gnutls_handshake()) was interrupted for some reason, that is, if a function returned GNUTLS_E_INTERRUPTED or GNUTLS_E_AGAIN. In such a case, you might want to call select() or poll() before calling the interrupted gnutls function again. To tell you whether a file descriptor should be selected for either reading or writing, MHD__gnutls_record_get_direction() returns 0 if the interrupted function was trying to read data, and 1 if it was trying to write data.
Returns: 0 if trying to read data, 1 if trying to write data.
Definition at line 801 of file gnutls_state.c.
References MHD_gtls_internals_st::direction, and MHD_gtls_session_int::internals.
void MHD__gnutls_record_set_default_version | ( | MHD_gtls_session_t | session, | |
unsigned char | major, | |||
unsigned char | minor | |||
) |
Definition at line 548 of file gnutls_state.c.
References MHD_gtls_internals_st::default_record_version, and MHD_gtls_session_int::internals.
void MHD__gnutls_session_cert_type_set | ( | MHD_gtls_session_t | session, | |
enum MHD_GNUTLS_CertificateType | ct | |||
) |
Definition at line 45 of file gnutls_state.c.
References MHD_gtls_security_param_st::cert_type, and MHD_gtls_session_int::security_parameters.
Referenced by MHD_gtls_cert_type_recv_params().
Definition at line 663 of file gnutls_state.c.
Referenced by MHD_gtls_PRF().
enum MHD_GNUTLS_CertificateType MHD_gnutls_certificate_type_get | ( | MHD_gtls_session_t | session | ) |
MHD_gnutls_certificate_type_get - Returns the currently used certificate type. session: is a MHD_gtls_session_t structure.
The certificate type is by default X.509, unless it is negotiated as a TLS extension.
Returns: the currently used enum MHD_GNUTLS_CertificateType certificate type.
Definition at line 74 of file gnutls_state.c.
References MHD_gtls_security_param_st::cert_type, and MHD_gtls_session_int::security_parameters.
Referenced by call_get_cert_callback(), and get_issuers().
enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get | ( | MHD_gtls_session_t | session | ) |
MHD_gnutls_cipher_get - Returns the currently used cipher. session: is a MHD_gtls_session_t structure.
Returns: the currently used cipher.
Definition at line 58 of file gnutls_state.c.
References MHD_gtls_security_param_st::read_bulk_cipher_algorithm, and MHD_gtls_session_int::security_parameters.
enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get | ( | MHD_gtls_session_t | session | ) |
MHD_gnutls_kx_get - Returns the key exchange algorithm. session: is a MHD_gtls_session_t structure.
Returns: the key exchange algorithm used in the last handshake.
Definition at line 86 of file gnutls_state.c.
References MHD_gtls_security_param_st::kx_algorithm, and MHD_gtls_session_int::security_parameters.
Referenced by MHD_gtls_proc_x509_server_certificate().
int MHD_gtls_dh_get_allowed_prime_bits | ( | MHD_gtls_session_t | session | ) |
Definition at line 372 of file gnutls_state.c.
References MHD_gtls_internals_st::dh_prime_bits, and MHD_gtls_session_int::internals.
Referenced by MHD_gtls_proc_dh_common_server_kx().
int MHD_gtls_dh_set_group | ( | MHD_gtls_session_t | session, | |
mpi_t | gen, | |||
mpi_t | prime | |||
) |
Definition at line 470 of file gnutls_state.c.
References MHD_gtls_cert_auth_info_st::dh, MHD_gtls_dh_info_st::generator, GNUTLS_E_INTERNAL_ERROR, MHD__gnutls_free_datum, MHD_gnutls_assert, MHD_GNUTLS_CRD_CERTIFICATE, MHD_gtls_auth_get_type(), MHD_gtls_get_auth_info(), MHD_gtls_mpi_dprint_lz(), and MHD_gtls_dh_info_st::prime.
Referenced by gen_dhe_server_kx(), and MHD_gtls_proc_dh_common_server_kx().
int MHD_gtls_dh_set_peer_public | ( | MHD_gtls_session_t | session, | |
mpi_t | public | |||
) |
Definition at line 378 of file gnutls_state.c.
References MHD_gtls_cert_auth_info_st::dh, GNUTLS_E_INTERNAL_ERROR, MHD_gnutls_assert, MHD_GNUTLS_CRD_CERTIFICATE, MHD_gtls_auth_get_type(), MHD_gtls_get_auth_info(), MHD_gtls_mpi_dprint_lz(), and MHD_gtls_dh_info_st::public_key.
Referenced by MHD_gtls_proc_dh_common_client_kx(), and MHD_gtls_proc_dh_common_server_kx().
int MHD_gtls_dh_set_secret_bits | ( | MHD_gtls_session_t | session, | |
unsigned | bits | |||
) |
Definition at line 412 of file gnutls_state.c.
References MHD_gtls_cert_auth_info_st::dh, GNUTLS_E_INTERNAL_ERROR, MHD_gnutls_assert, MHD_GNUTLS_CRD_CERTIFICATE, MHD_gtls_auth_get_type(), MHD_gtls_get_auth_info(), and MHD_gtls_dh_info_st::secret_bits.
Referenced by MHD_gtls_dh_common_print_server_kx(), and MHD_gtls_gen_dh_common_client_kx().
void MHD_gtls_handshake_internal_state_clear | ( | MHD_gtls_session_t | session | ) |
Definition at line 167 of file gnutls_state.c.
References MHD_gtls_internals_st::adv_version_major, MHD_gtls_internals_st::adv_version_minor, DEFAULT_MAX_RECORD_SIZE, deinit_internal_params(), MHD_gtls_internals_st::direction, MHD_gtls_internals_st::extensions_sent_size, MHD_gtls_internals_st::handshake_header_buffer, MHD_gtls_session_int::internals, MHD_gtls_internals_st::last_handshake_in, MHD_gtls_internals_st::last_handshake_out, MHD__gnutls_free_datum, MHD_gtls_internals_st::proposed_record_size, MHD_gtls_internals_st::recv_buffer, MHD_gtls_internals_st::resumable, RESUME_TRUE, and MHD_gtls_internals_st::v2_hello.
Referenced by MHD__gnutls_deinit(), MHD__gnutls_handshake(), and MHD__gnutls_init().
int MHD_gtls_PRF | ( | MHD_gtls_session_t | session, | |
const opaque * | secret, | |||
int | secret_size, | |||
const char * | label, | |||
int | label_size, | |||
const opaque * | seed, | |||
int | seed_size, | |||
int | total_bytes, | |||
void * | ret | |||
) |
Definition at line 679 of file gnutls_state.c.
References GNUTLS_E_INTERNAL_ERROR, MAX_PRF_BYTES, MAX_SEED_SIZE, MHD__gnutls_P_hash(), MHD__gnutls_protocol_get_version(), MHD__gnutls_xor(), MHD_gnutls_assert, MHD_GNUTLS_MAC_MD5, MHD_GNUTLS_MAC_SHA1, and MHD_GNUTLS_PROTOCOL_TLS1_2.
Referenced by generate_normal_master(), MHD__gnutls_finished(), and MHD__gnutls_set_keys().
int MHD_gtls_rsa_export_set_pubkey | ( | MHD_gtls_session_t | session, | |
mpi_t | exponent, | |||
mpi_t | modulus | |||
) |
Definition at line 439 of file gnutls_state.c.
References MHD_gtls_rsa_info_st::exponent, GNUTLS_E_INTERNAL_ERROR, MHD__gnutls_free_datum, MHD_gnutls_assert, MHD_gtls_get_auth_info(), MHD_gtls_mpi_dprint_lz(), MHD_gtls_rsa_info_st::modulus, and MHD_gtls_cert_auth_info_st::rsa_export.
Referenced by gen_rsa_export_server_kx(), and proc_rsa_export_server_kx().
int MHD_gtls_session_cert_type_supported | ( | MHD_gtls_session_t | session, | |
enum MHD_GNUTLS_CertificateType | cert_type | |||
) |
Definition at line 96 of file gnutls_state.c.
References MHD_gtls_certificate_credentials_st::cert_list, MHD_gtls_priority_st::cert_type, MHD_gnutls_cert::cert_type, DEFAULT_CERT_TYPE, MHD_gtls_security_param_st::entity, GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE, GNUTLS_SERVER, MHD_gtls_session_int::internals, MHD_gtls_session_int::key, MHD_GNUTLS_CRD_CERTIFICATE, MHD_gtls_get_cred(), MHD_gtls_certificate_credentials_st::ncerts, MHD_gtls_priority_st::num_algorithms, MHD_gtls_internals_st::priorities, MHD_gtls_priority_st::priority, MHD_gtls_session_int::security_parameters, and MHD_gtls_certificate_credentials_st::server_get_cert_callback.
Referenced by MHD_gtls_cert_type_recv_params().
int MHD_gtls_session_is_export | ( | MHD_gtls_session_t | session | ) |
Definition at line 769 of file gnutls_state.c.
References MHD_gtls_cipher_get_export_flag(), MHD_gtls_cipher_suite_get_cipher_algo(), and MHD_gtls_session_int::security_parameters.
Referenced by MHD_gtls_recv_server_kx_message().